Re: Wherefor 2.4.36?
Since this tag is only days away, the committers would really appreciate any feedback from early adopters. I'm not certain on the status of the auth hook fix, but believe it's certainly ready to have the tires kicked, so we can avoid any quirks resulting from the TLS 1.3 efforts. Please feel free to try it from the 2.4.x branch and let us know your observations. I believe it is stable enough for review now. On Sat, Oct 6, 2018, 19:54 Michael-Fever wrote: > > Aww, all I care about is getting 2.4.36 going so I can say I have TLS 1.3 > supported with my h2. LOL, no but seriously, is 2.4.36 stable enough to be > using? > > > > -- > Sent from: > http://apache-http-server.18135.x6.nabble.com/Apache-HTTP-Server-Dev-f4771363.html >
Re: svn commit: r1837056 - in /httpd/httpd/trunk: ./ include/ modules/filters/ modules/http/ modules/http2/ modules/proxy/ modules/test/ server/
On Thu, Oct 4, 2018 at 7:20 PM William A Rowe Jr wrote: > > On Thu, Oct 4, 2018 at 12:09 PM Evgeny Kotkov > wrote: >> >> >> However, a more important question is whether there is an actual problem to >> solve. I see that ap_http_header_filter() features a whitelist of headers >> that are sent for 304 responses (http_filters.c:1428), and all headers such >> as Content-Encoding are filtered anyway. > > > AIUI Transfer-* headers should be filtered. Content-* headers must match > the specific ETag as if the response was 200, from my reading. I'm reading the below as a "SHOULD NOT" for anything other than: Cache-Control, Content-Location, Date, ETag, Expires, and Vary. https://tools.ietf.org/html/rfc7232#section-4.1 : Since the goal of a 304 response is to minimize information transfer when the recipient already has one or more cached representations, a sender SHOULD NOT generate representation metadata other than the above listed fields unless said metadata exists for the purpose of guiding cache updates (e.g., Last-Modified might be useful if the response does not have an ETag field). I may be missing something but it seems to me that Content-Encoding shouldn't be set, "Vary: Accept-Encoding" is how we tell that content encoders (deflate, brotli...) are (or could be) in the place.
Re: Wherefor 2.4.36?
On 07 Oct 2018, at 03:16, Daniel Ruggeri wrote: > Actually, I'm glad you asked. I committed after 2.4.35 to T 2.4.36 soon > after. I'm happy to do that ASAP if there are no objections. > > What say you, fellow devs? How about next week? +1 and thank you. Would be good to see TLS 1.3 out the door. Regards, Graham —
Bug report for Apache httpd-2 [2018/10/07]
+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned| | | OPN=ReopenedVER=Verified(Skipped Closed/Resolved) | | | +-+ | | | Severity: BLK=Blocker CRI=Critical REG=Regression MAJ=Major | | | | MIN=Minor NOR=NormalENH=Enhancement TRV=Trivial | | | | +-+ | | | | Date Posted | | | | | +--+ | | | | | Description | | | | | | | | 8713|Inf|Min|2002-05-01|No Errorlog on PROPFIND/Depth:Infinity| | 8867|Opn|Cri|2002-05-07|exports.c generation fails when using a symlink to| |10747|New|Maj|2002-07-12|ftp SIZE command and 'smart' ftp servers results i| |11294|New|Enh|2002-07-30|desired vhost_alias option| |11580|Opn|Enh|2002-08-09|generate Content-Location headers | |12033|Opn|Nor|2002-08-26|Graceful restart immediately result in [warn] long| |13599|Inf|Nor|2002-10-14|autoindex formating broken for multibyte sequences| |13661|Ass|Enh|2002-10-15|Apache cannot not handle dynamic IP reallocation | |14104|Opn|Enh|2002-10-30|not documented: must restart server to load new CR| |14496|New|Enh|2002-11-13|Cannot upgrade any version on Windows. Must uninst| |14922|Inf|Enh|2002-11-28| is currently hardcoded to 'apache2' | |15719|Inf|Nor|2002-12-30|WebDAV MOVE to destination URI which is content-ne| |16761|Inf|Nor|2003-02-04|CustomLog with pipe spawns process during config | |16811|Ass|Maj|2003-02-05|mod_autoindex always return webpages in UTF-8.| |17107|New|Min|2003-02-16|Windows should not install printenv | |17114|New|Enh|2003-02-17|Please add strip and install-strip targets to Make| |17244|Ass|Nor|2003-02-20|./configure --help gives false information regardi| |17497|Opn|Nor|2003-02-27|mod_mime_magic generates incorrect response header| |18325|New|Enh|2003-03-25|PAM support for suEXEC| |18334|Inf|Cri|2003-03-25|Server crashes when authenticating users against L| |19670|New|Enh|2003-05-05|content type header supplied upon PUT is thrown aw| |20036|Ass|Nor|2003-05-19|Trailing Dots stripped from PATH_INFO environment | |21260|New|Nor|2003-07-02|CacheMaxExpire directive not enforced ! | |21533|Ass|Cri|2003-07-11|Multiple levels of htacces files can cause mod_aut| |22484|Opn|Maj|2003-08-16|semaphore problem takes httpd down| |22686|Opn|Nor|2003-08-25|ab: apr_poll: The timeout specified has expired (7| |22898|Opn|Nor|2003-09-02|nph scripts with two HTTP header | |23167|Inf|Cri|2003-09-14|--enable-layout never goes to apr apr-util| |23181|New|Nor|2003-09-15|Status 304 (Not modified) and chunking leads to an| |23238|New|Cri|2003-09-18|non-async-signal-safe operations from signal handl| |23330|New|Enh|2003-09-22|Enhance ApacheMonitor to view and control Tomcat s| |23911|Opn|Cri|2003-10-18|CGI processes left defunct/zombie under 2.0.54| |24031|New|Enh|2003-10-23|Passphrase protected private key in SSLProxyMachin| |24095|Opn|Cri|2003-10-24|ERROR "Parent: child process exited with status 32| |24437|Opn|Nor|2003-11-05|mod_auth_ldap doubly-escapes backslash (\) charact| |24890|Opn|Nor|2003-11-21|Apache config parser should not be local aware ( g| |25014|New|Enh|2003-11-26|A flexible interface for mod_log_config | |25201|New|Enh|2003-12-04|Provide Cache Purge operation | |25240|Inf|Enh|2003-12-05|SSL Library Error: 336105671 logged as information| |25435|New|Enh|2003-12-11|sethandler and directoryindex not playing nice| |25469|Opn|Enh|2003-12-12|create AuthRoot for defining paths to auth files | |25484|Ass|Nor|2003-12-12|Non-service Apache cannot be stopped in WinXP | |25543|Inf|Nor|2003-12-15|mod_proxy_ajp overwrites existing response headers| |25667|New|Nor|2003-12-19|Memory leak in function ssl_scache_dbm_retrieve().| |25863|New|Enh|2004-01-02|new per-host initialization hooks | |26142|New|Maj|2004-01-14|EnableSendFile Off for Windows XP Home| |26153|Opn|Cri|2004-01-15|Apache cygwin directory traversal vulnerability | |26368|New|Min|2004-01-23|File extensions in AddDescription treated as part | |26446|New|Nor|2004-01-26|flush buckets followed by eos bucket emit multiple| |26478|New|Enh|2004-01-28|mod_dav does not expose a method for setting the D| |26835|New|Enh|2004-02-10|[PATCH] Mod_status Readability & Browser Side Tabl|
